From bd4c76c229eb4c27978ef27b732a514eb58d0674 Mon Sep 17 00:00:00 2001 From: Dean Lofts Date: Fri, 25 Oct 2024 13:18:50 +1100 Subject: [PATCH] try github actions with kamal --- .github/workflows/01.deploy.yml | 52 +++++++++++++++++++++++++++++++++ .kamal/secrets-common | 11 +++++++ config/deploy.yml | 1 - load-envs.sh | 19 ++++++++++++ 4 files changed, 82 insertions(+), 1 deletion(-) create mode 100644 .github/workflows/01.deploy.yml create mode 100644 .kamal/secrets-common create mode 100755 load-envs.sh diff --git a/.github/workflows/01.deploy.yml b/.github/workflows/01.deploy.yml new file mode 100644 index 0000000..79c01ff --- /dev/null +++ b/.github/workflows/01.deploy.yml @@ -0,0 +1,52 @@ +name: Deploy to Digital Ocean + +permissions: + id-token: write + contents: read + +on: + workflow_dispatch: + push: + branches: + - dl/kamal-2-test + +jobs: + deploy: + name: Deploy + runs-on: ubuntu-latest + environment: staging + timeout-minutes: 20 + + steps: + - uses: actions/checkout@v4 + + - uses: ruby/setup-ruby@v1 + env: + BUNDLE_GEMFILE: ./Gemfile + with: + ruby-version: .ruby-version + bundler-cache: true + + - uses: docker/setup-buildx-action@v3 + + - uses: webfactory/ssh-agent@v0.9.0 + with: + ssh-private-key: ${{ secrets.DROPLET_SSH_PRIVATE_KEY }} + + - name: Deploy with Kamal + env: + KAMAL_HOST: ${{ secrets.DROPLET_IP }} + KAMAL_REGISTRY_USERNAME: ${{ github.actor }} + KAMAL_REGISTRY_PASSWORD: ${{ secrets.GITHUB_TOKEN }} + SECRET_KEY_BASE: ${{ secrets.SECRET_KEY_BASE }} + AXIOM_API_KEY: ${{ secrets.AXIOM_API_KEY }} + DO_TOKEN: ${{ secrets.DO_TOKEN }} + SPACES_REGION: ${{ secrets.SPACES_REGION }} + SPACES_BUCKET_NAME: ${{ secrets.SPACES_BUCKET_NAME }} + SPACES_BUCKET_CONTENT: ${{ secrets.SPACES_BUCKET_CONTENT }} + SPACES_ACCESS_KEY_ID: ${{ secrets.SPACES_ACCESS_KEY_ID }} + SPACES_SECRET_ACCESS_KEY: ${{ secrets.SPACES_SECRET_ACCESS_KEY }} + RAILS_MASTER_KEY: ${{ secrets.RAILS_MASTER_KEY }} + DOCKER_BUILDKIT: 1 + run: | + ./bin/kamal deploy \ No newline at end of file diff --git a/.kamal/secrets-common b/.kamal/secrets-common new file mode 100644 index 0000000..c33ab26 --- /dev/null +++ b/.kamal/secrets-common @@ -0,0 +1,11 @@ +KAMAL_REGISTRY_PASSWORD=$KAMAL_REGISTRY_PASSWORD +KAMAL_REGISTRY_USERNAME=$KAMAL_REGISTRY_USERNAME +RAILS_MASTER_KEY=$RAILS_MASTER_KEY +SECRET_KEY_BASE=$SECRET_KEY_BASE +AXIOM_API_KEY=$AXIOM_API_KEY +DO_TOKEN=$DO_TOKEN +SPACES_REGION=$SPACES_REGION +SPACES_BUCKET_NAME=$SPACES_BUCKET_NAME +SPACES_BUCKET_CONTENT=$SPACES_BUCKET_CONTENT +SPACES_ACCESS_KEY_ID=$SPACES_ACCESS_KEY_ID +SPACES_SECRET_ACCESS_KEY=$SPACES_SECRET_ACCESS_KEY \ No newline at end of file diff --git a/config/deploy.yml b/config/deploy.yml index ba70d1a..80732be 100644 --- a/config/deploy.yml +++ b/config/deploy.yml @@ -39,7 +39,6 @@ env: - KAMAL_REGISTRY_PASSWORD - SECRET_KEY_BASE - AXIOM_API_KEY - - GEOCODER_API_KEY - DO_TOKEN - SPACES_REGION - SPACES_BUCKET_NAME diff --git a/load-envs.sh b/load-envs.sh new file mode 100755 index 0000000..67f8fa8 --- /dev/null +++ b/load-envs.sh @@ -0,0 +1,19 @@ +#!/bin/bash + +# Check if the script is being sourced +if [[ "${BASH_SOURCE[0]}" == "${0}" ]]; then + echo "❌ Don't run this script directly!" + echo "✅ Instead, use this command:" + echo "" + echo " source load-envs.sh" + echo "" + exit 1 +fi + +if [ -f .env ]; then + export $(cat .env | grep -v '^#' | xargs) + echo "✨ Environment variables loaded from .env" +else + echo "❌ .env file not found" + exit 1 +fi \ No newline at end of file